From cb679f3206566cdf37a80a764a3bdad47eb48cfc Mon Sep 17 00:00:00 2001 From: Steve Beattie Date: Fri, 24 Jan 2014 11:17:23 -0800 Subject: [PATCH] add keyword 'other' vim syntax support, plus language parsing tests Signed-off-by: Steve Beattie Acked-by: John Johansen --- parser/tst/simple_tests/file/allow/ok_other_1.sd | 7 +++++++ parser/tst/simple_tests/file/allow/ok_other_2.sd | 7 +++++++ parser/tst/simple_tests/file/ok_other_2.sd | 7 +++++++ parser/tst/simple_tests/file/ok_other_3.sd | 7 +++++++ utils/vim/create-apparmor.vim.py | 8 ++++---- 5 files changed, 32 insertions(+), 4 deletions(-) create mode 100644 parser/tst/simple_tests/file/allow/ok_other_1.sd create mode 100644 parser/tst/simple_tests/file/allow/ok_other_2.sd create mode 100644 parser/tst/simple_tests/file/ok_other_2.sd create mode 100644 parser/tst/simple_tests/file/ok_other_3.sd diff --git a/parser/tst/simple_tests/file/allow/ok_other_1.sd b/parser/tst/simple_tests/file/allow/ok_other_1.sd new file mode 100644 index 000000000..4e2104ba6 --- /dev/null +++ b/parser/tst/simple_tests/file/allow/ok_other_1.sd @@ -0,0 +1,7 @@ +# +#=DESCRIPTION simple allow other flag test +#=EXRESULT PASS + +profile test { + allow other /tmp/** rw, +} diff --git a/parser/tst/simple_tests/file/allow/ok_other_2.sd b/parser/tst/simple_tests/file/allow/ok_other_2.sd new file mode 100644 index 000000000..bc13ce045 --- /dev/null +++ b/parser/tst/simple_tests/file/allow/ok_other_2.sd @@ -0,0 +1,7 @@ +# +#=DESCRIPTION simple audit allow other flag test +#=EXRESULT PASS + +profile test { + audit allow other /tmp/** rw, +} diff --git a/parser/tst/simple_tests/file/ok_other_2.sd b/parser/tst/simple_tests/file/ok_other_2.sd new file mode 100644 index 000000000..d2eeb7402 --- /dev/null +++ b/parser/tst/simple_tests/file/ok_other_2.sd @@ -0,0 +1,7 @@ +# +#=DESCRIPTION simple deny other flag test +#=EXRESULT PASS + +profile test { + deny other /tmp/** rw, +} diff --git a/parser/tst/simple_tests/file/ok_other_3.sd b/parser/tst/simple_tests/file/ok_other_3.sd new file mode 100644 index 000000000..2972f34a3 --- /dev/null +++ b/parser/tst/simple_tests/file/ok_other_3.sd @@ -0,0 +1,7 @@ +# +#=DESCRIPTION simple other flag test +#=EXRESULT PASS + +profile test { + audit other /tmp/** rw, +} diff --git a/utils/vim/create-apparmor.vim.py b/utils/vim/create-apparmor.vim.py index 3f17a27d3..10e221b55 100644 --- a/utils/vim/create-apparmor.vim.py +++ b/utils/vim/create-apparmor.vim.py @@ -89,11 +89,11 @@ filename = r'(\/|\@\{\S*\})\S*' aa_regex_map = { 'FILENAME': filename, - 'FILE': r'\v^\s*(audit\s+)?(deny\s+|allow\s+)?(owner\s+)?' + filename + r'\s+', # Start of a file rule + 'FILE': r'\v^\s*(audit\s+)?(deny\s+|allow\s+)?(owner\s+|other\s+)?' + filename + r'\s+', # Start of a file rule # (whitespace_+_, owner etc. flag_?_, filename pattern, whitespace_+_) - 'DENYFILE': r'\v^\s*(audit\s+)?deny\s+(owner\s+)?' + filename + r'\s+', # deny, otherwise like FILE - 'auditdenyowner': r'(audit\s+)?(deny\s+|allow\s+)?(owner\s+)?', - 'audit_DENY_owner': r'(audit\s+)?deny\s+(owner\s+)?', # must include "deny", otherwise like auditdenyowner + 'DENYFILE': r'\v^\s*(audit\s+)?deny\s+(owner\s+|other\s+)?' + filename + r'\s+', # deny, otherwise like FILE + 'auditdenyowner': r'(audit\s+)?(deny\s+|allow\s+)?(owner\s+|other\s+)?', + 'audit_DENY_owner': r'(audit\s+)?deny\s+(owner\s+|other\s+)?', # must include "deny", otherwise like auditdenyowner 'auditdeny': r'(audit\s+)?(deny\s+|allow\s+)?', 'EOL': r'\s*,(\s*$|(\s*#.*$)\@=)', # End of a line (whitespace_?_, comma, whitespace_?_ comment.*) 'TRANSITION': r'(\s+-\>\s+\S+)?',